George Stephanides

Design Pattern Detection Using Similarity Scoring

The identification of design patterns as part of the reengineering process can convey important information to the designer. However, existing pattern detection methodologies generally have problems in dealing with one or more of the following issues: identification of modified pattern versions, search space explosion for large systems and extensibility to novel patterns. In this paper, a design pattern detection methodology is proposed that is based on similarity scoring between graph vertices. Due to the nature of the underlying graph algorithm, this approach has the ability to also recognize patterns that are modified from their standard representation. Moreover, the approach exploits the fact that patterns reside in one or more inheritance hierarchies, reducing the size of the graphs to which the algorithm is applied. Finally, the algorithm does not rely on any pattern-specific heuristic, facilitating the extension to novel design structures. Evaluation on three open-source projects demonstrated the accuracy and the efficiency of the proposed method

The economic approach of information security

This article introduces to the reader the sceptic of the economic evaluation of a security framework. We identify that there must be an economic evaluation of security investment, in order to avoid cost and risks of a security breach. We vindicate why the security economic plan must encompass our choices to provide security solutions. Furthermore, what are the measurements that are employed to provide the confidence of security to an acceptable level.

A novel technique for image steganography based on a high payload method and edge detection

Image steganography has received a lot of attention during the last decade due to the lowering of the cost of storage media, which has allowed for wide use of a large number of images. We present a novel technique for image steganography which belongs to techniques taking advantage of sharp areas in images in order to hide a large amount of data. Specifically, the technique is based on the edges present in an image. A hybrid edge detector is used for this purpose. Moreover, a high payload technique for color images is exploited. These two techniques are combined in order to produce a new steganographic algorithm. Experimental results show that the new method achieves a higher peak signal to noise ratio for the same number of bits per pixel of embedded image.

Architectural Risk Analysis of Software Systems Based on Security Patterns

The importance of software security has been profound, since most attacks to software systems are based on vulnerabilities caused by poorly designed and developed software. Furthermore, the enforcement of security in software systems at the design phase can reduce the high cost and effort associated with the introduction of security during implementation. For this purpose, security patterns that offer security at the architectural level have been proposed in analogy to the well-known design patterns. The main goal of this paper is to perform risk analysis of software systems based on the security patterns that they contain. The first step is to determine to what extent specific security patterns shield from known attacks. This information is fed to a mathematical model based on the fuzzy-set theory and fuzzy fault trees in order to compute the risk for each category of attacks. The whole process has been automated using a methodology that extracts the risk of a software system by reading the class diagram of the system under study.

A qualitative analysis of software security patterns

Software security, which has attracted the interest of the industrial and research community during the last years, aims at preventing security problems by building software without the so-called security holes. One way to achieve this goal is to apply specific patterns in software architecture. In the same way that the well-known design patterns for building well-structured software have been defined, a new kind of patterns called security patterns have emerged. These patterns enable us to incorporate a level of security already at the design phase of a software system. There exists no strict set of rules that can be followed in order to develop secure software. However, a number of guidelines have already appeared in the literature. Furthermore, the key problems in building secure software and major threat categories for a software system have been identified. An attempt to evaluate known security patterns based on how well they follow each principle, how well they encounter with possible problems in building secure software and for which of the threat categories they do take care of, is performed in this paper. Thirteen security patterns were evaluated based on these three sets of criteria. The ability of some of these patterns to enhance the security of the design of a software system is also examined by an illustrative example of fortifying a published design.

Application of graph theory to OO software engineering

Graph Theory, which studies the properties of graphs, has been widely accepted as a core subject in the knowledge of computer scientists. So is Object-Oriented (OO) software engineering, which deals with the analysis, design and implementation of systems employing classes as modules. The latter field can greatly benefit from the application of Graph Theory, since the main mode of representation, namely the class diagram, is essentially a directed graph. The study of graph properties can be valuable in many ways for understanding the characteristics of the underlying software systems. Representative examples for the usefulness of graph theory on OO systems based on recent research results are presented in this paper.

A qualitative evaluation of security patterns

Software Security has received a lot of attention during the last years. It aims at preventing security problems by building software without the so-called security holes. One of the ways to do this is to apply specific patterns in software architecture. In the same way that the well-known design patterns for building well-structured software have been used, a new kind of patterns, called security patterns have emerged. The way to build secure software is still vague, but guidelines for this have already appeared in the literature. Furthermore, the key problems in building secure software have been mentioned. Finally, threat categories for a software system have been identified. Based on these facts, it would be useful to evaluate known security patterns based on how well they follow each guideline, how they encounter with possible problems in building secure software and for which of the threat categories they do take care of.

A new efficient primal dual simplex algorithm

The purpose of this paper is to present a revised primal dual simplex algorithm (RPDSA) for linear programming problems. RPDSA has interesting theoretical properties. The advantages of the new algorithm are the simplicity of implementation, low computational overhead and surprisingly good computational performance. The algorithm can be combined with interior point methods to move from an interior point to a basic optimal solution. The new algorithm always proved to be more efficient than the classical simplex algorithm on our test problems. Numerical experiments on randomly generated sparse linear problems are presented to verify the practical value of RPDSA. The results are very promising. In particular, they reveal that RPDSA is up to 146 times faster in terms of number of iterations and 94 times faster in terms of CPU time than the original simplex algorithm (SA) on randomly generated problems of size 1200 × 1200 and density 2.5%.

An efficient simplex type algorithm for sparse and dense linear programs

We present a big-M method for solving general linear programming problems with a recently developed exterior point simplex algorithm (EPSA). We also provide intuitive motivations to EPSA. We describe major steps in implementing EPSA for large-scale linear programming. Our implementation was carried out under the MATLAB environment. This algorithm seems to be more efficient than the classical primal simplex algorithm (PSA), employing Dantzigs rule. Preliminary computational studies on randomly generated sparse and dense small and medium linear programs support this belief. In particular, EPSA is up to 10 times faster than PSA on medium size linear programs. This translates into corresponding savings in CPU time. Although the computational effort required in each step of EPSA requires more time compared to an iteration step of PSA, the improvement of EPSA comes from the fact that it requires adequately less iterations than PSA. Moreover, as the problem size increases and the problem density decreases, EPSA gets relatively faster. 2002 Elsevier Science B.V. All rights reserved.

Evaluating Performance and Power of Object-Oriented Vs. Procedural Programming in Embedded Processors

The development of high-performance and low power portable devices relies on both the underlying hardware architecture and technology as well as on the application software that executes on emnbedded processor cores. It has been extensively pointed out that the increasing complexity and decreasing time-to-market of embedded software can only be confronted to use objected oriented programming languages such as C++. However, the object-oriented approach is known to introduce a significant performance penalty compared to classical procedural programming. In this paper, the object oriented programming style is evaluated in terms of both performance and power for embedded applications. A set of benchmark kernels is compiled and executed on an embedded processor simulator while the results are fed to instruction level and memory power models to estimate the power consumption of each system component for both programming styles.